Preparation

Once everything is defined and understood the preparation for the Key Ceremony can be considered. This involves preparing the people that will attend, the keys that will be generated and the documentation that is required. These are explained in the following sub sections:

3.11.2.1 Key Ceremony Attendees

3.11.2.2 Notary Public or Equivalent

Key Ceremony Attendees

In preparing for the Key Ceremony, personnel from your Customer’s organization must attend. It is essential to remember at all times that Digi-CA™ is a security product. Throughout the entire Key Ceremony and beyond, every action must occur in a manner that conveys that care has been taken to ensure the highest possible level of security.

Notary Public or Equivalent

A notary public is an official, public witness whose job it is to identify people who are about to sign a document and to witness that signing. A properly credentialed notary public or some person who is authorized by local law to serve as an official, public witness, observes the witness(es) signing the Attestation Letter and then certifies the witnesses’ signatures.

Creation

Once everything necessary to define and prepare for the new CA is completed, the CA is created in a Key Ceremony. This is a set of formal and highly secure procedures that creates a CA. The Root CA should be stored securely and remain in offline state, while Subordinate CAs can be put online for frequent use. There are a number of actions, that should occur on the day of the Key Ceremony and they are explained in the following sub sections: